Home » RDBMS Server » Networking and Gateways » RADIUS authentication - ORA-12638
RADIUS authentication - ORA-12638 [message #275421] Fri, 19 October 2007 21:38
sorc
Messages: 1
Registered: October 2007
Junior Member
I use win2003 IAS as RADIUS and authentication server
and setting up RADIUS authentication on oracle 10.2.0.2 installed on the same win2003 server.
server settings:
#server's sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES= (RADIUS)

TRACE_DIRECTORY_SERVER = c:\oracle\trace
TRACE_FILE_SERVER = server.trc
TRACE_LEVEL_SERVER = 16

SQLNET.RADIUS_AUTHENTICATION = 192.168.0.10
#server's listener.ora
LISTENER =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = sorc2003)(PORT = 1521))
  )
client settings:
#client's sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES = (RADIUS)

NAMES.DIRECTORY_PATH= (TNSNAMES)

TRACE_DIRECTORY_CLIENT = C:\oracle\trace
TRACE_FILE_CLIRNT = client.trc
TRACE_LEVEL_CLIENT = 16
#client's tnsnames.ora
ORA10 =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.0.10)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SERVICE_NAME = ora10)
    )
  )
it works well with this configuration
C:\oracle\ora102\NETWORK\ADMIN>sqlplus test@ORA10

SQL*Plus: Release 10.2.0.1.0 - Production on Fri Oct 19 20:23:45 2007

Copyright (c) 1982, 2005, Oracle.  All rights reserved.

Enter password:

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - Production
With the Partitioning, Oracle Label Security, OLAP and Data Mining options
and at this time I see successful authentication message in IAS log.

but with SQLNET.RADIUS_CHALLENGE_RESPONSE = ON in server's sqlnet.ora
it says ORA-12638
#server's sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES= (RADIUS)

TRACE_DIRECTORY_SERVER = c:\oracle\trace
TRACE_FILE_SERVER = server.trc
TRACE_LEVEL_SERVER = 16

SQLNET.RADIUS_AUTHENTICATION = 192.168.0.10
SQLNET.RADIUS_CHALLENGE_RESPONSE = ON
C:\oracle\ora102\NETWORK\ADMIN>sqlplus test@ORA10

SQL*Plus: Release 10.2.0.1.0 - Production on Fri Oct 19 20:14:35 2007

Copyright (c) 1982, 2005, Oracle.  All rights reserved.

Enter password:
ERROR:
ORA-12638: Credential retrieval failed
here is the part of client trace:
............
[19-OCT-2007 20:14:36:515] na_csrd: entry
[19-OCT-2007 20:14:36:515] nau_ccn: entry
[19-OCT-2007 20:14:36:515] naurget: entry
[19-OCT-2007 20:14:36:515] nacomrp: entry
[19-OCT-2007 20:14:36:515] nacomrp: exit
[19-OCT-2007 20:14:36:515] snaurj_init: entry
[19-OCT-2007 20:14:36:545] nam_gnsp: Reading parameter "sqlnet.radius_classpath" from parameter file
[19-OCT-2007 20:14:36:545] nam_gnsp: Parameter not found
[19-OCT-2007 20:14:36:545] nam_gnsp: Reading parameter "sqlnet.radius_authentication_interface" from parameter file
[19-OCT-2007 20:14:36:545] nam_gnsp: Parameter not found
[19-OCT-2007 20:14:36:545] snaurj_init: getJVM() failed.
[19-OCT-2007 20:14:36:545] snaurj_init: exit
[19-OCT-2007 20:14:36:545] naurget: snaurj_init() failed.
[19-OCT-2007 20:14:36:545] snaurj_close: entry
[19-OCT-2007 20:14:36:545] snaurj_close: exit
[19-OCT-2007 20:14:36:545] naurget: exit
[19-OCT-2007 20:14:36:545] nau_ccn: get credentials function failed
[19-OCT-2007 20:14:36:545] nau_ccn: failed with error 12638
[19-OCT-2007 20:14:36:545] nacomsd: entry
[19-OCT-2007 20:14:36:545] nacomfsd: entry
[19-OCT-2007 20:14:36:545] nacomfsd: exit
[19-OCT-2007 20:14:36:545] nacomsd: exit
[19-OCT-2007 20:14:36:545] nau_ccn: exit
[19-OCT-2007 20:14:36:545] na_csrd: failed with error 12638
[19-OCT-2007 20:14:36:545] na_csrd: exit
..............
It seems that something wrong with java on client-side. [19-OCT-2007 20:14:36:545] snaurj_init: getJVM() failed.

Can you help me to solve this issue?
Previous Topic: ORA-12545
Next Topic: Accessing Oracle database from a remote machine programatically
Goto Forum:
  


Current Time: Mon Nov 25 19:33:30 CST 2024